• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2021-24682

February 23, 2023 by

The Cool Tag Cloud WordPress plugin before 2.26 does not escape the style attribute of the cool_tag_cloud shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks.

CVE-2021-24683

February 23, 2023 by

The Weather Effect WordPress plugin before 1.3.4 does not have any CSRF checks in place when saving its settings, and do not validate or escape them, which could lead to Stored Cross-Site Scripting issue.

CVE-2021-24685

February 23, 2023 by

The Flat Preloader WordPress plugin before 1.5.4 does not enforce nonce checks when saving its settings, as well as does not sanitise and escape them, which could allow attackers to a make logged in admin change them with a Cross-Site Scripting payload (triggered either in the frontend or backend depending on the payload)

CVE-2021-24686

February 23, 2023 by

The SVG Support WordPress plugin before 2.3.20 does not escape the “CSS Class to target” setting before outputting it in an attribute, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

CVE-2021-24687

February 23, 2023 by

The Modern Events Calendar Lite WordPress plugin before 5.22.2 does not escape some of its settings before outputting them in attributes, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

CVE-2021-24690

February 23, 2023 by

The Chained Quiz WordPress plugin before 1.2.7.2 does not properly sanitize or escape inputs in the plugin’s settings.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 1577
  • Go to page 1578
  • Go to page 1579
  • Go to page 1580
  • Go to page 1581
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE